Security researcher F-Secure has confirmed that the latest Digital Rights Management technology Rootkits a user’s PC installing files which are indivisible to the user and cannot be uninstalled.Audio CDs from SonyBMG are known to be using the technology that hides software from the user and security software, however specialised RootKit detection software is able to see, but not remove the files. F-Secure recommends contacting Sony directly to obtain advice on how to uninstall the software.
RootKit technology is increasingly becoming a means for virus writers and hackers to place malware on a PC that is difficult to detect with standard security software, now DRM providers are using the same techniques to enforce the copy control policies of audio CDs says F-Secure.
Sony BMG is currently using a rootkit-based DRM system on some CD records sold in
When you insert the CD into a Windows-based PC you are asked to accept a license agreement. The system then appears to install a song player software, but in reality it is also installing a rootkit to the system.
Once the rootkit is there, says F-Secure, there’s no direct way to uninstall it. The system is implemented in a way that makes it possible for viruses (or any other malicious program) to use the rootkit to hide themselves too. This may lead to a situation where the virus remains undetected even if the user has got updated antivirus software installed.
Users who suspect they may have been infected with the DRM software can detect it with F-Secure’s free BlackLight beta that you can download here.
However, the company recommends that users don’t attempt to remove it with F-Secure product and suggests users contact contact Sony BMG directly to ask for directions on how to remove the software from your system.
F-Secure asked for directions and SonyBMG provided removal tools which worked, but which also installed additional ActiveX components to the PC.